6 matches found
Astra Linux - vulnerability in git-lfs
Git LFS is an extension of Git for versioning large files. When Git LFS requests credentials from Git for a remote host, it passes portions of the host’s URL to the git-credential(1) command without checking for embedded line-ending control characters. It then sends any credentials it receives back...
git-lfs: Git LFS permits exfiltration of credentials via crafted HTTP URLs
A flaw was found in the Git LFS git extension. When Git LFS requests credentials from Git for a remote host, it passes portions of the host's URL to the git-credential(1) command without checking for embedded line-ending control characters and then sends any credentials it receives back from the Gi...
PYSEC-2023-93
pacparser_find_proxy in Pacparser before 1.4.2 allows JavaScript injection, and possibly privilege escalation, when the attacker controls the URL (which may be realistic within enterprise security products)...
Pacparser injection vulnerability
Pacparser is a library for parsing Proxy Autoconfiguration (PAC) files by the individual developer Manu Garg. A security vulnerability exists in versions of Pacparser prior to 1.4.2 that stems from allowing JavaScript injection when an attacker takes control of a URL and may allow privilege...
The vulnerability of Cisco Aironet Access Points of models 1540, 1560, 1800, 2800, 3800, and 4800 lies in their lack of control over access to certain URLs. This allows attackers to gain unauthorized access to protected information, compromise data integrity, or cause service failures.
The vulnerability of Cisco Aironet Access Points of models 1540, 1560, 1800, 2800, 3800, and 4800 is related to deficiencies in access control to certain URL addresses. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information,...
Cisco Small Business RV320 and RV325 Information Disclosure Vulnerabilities
The Cisco Small Business RV320 and RV325 are both enterprise-class routers from Cisco USA. An information disclosure vulnerability exists in the web-based management interface of the Cisco Small Business RV320 and RV325 using firmware versions 1.4.2.15 through 1.4.2.19. The vulnerability stems fr...